TCP/IP protocol is the prevalent methodology for nodes to communicate with each other over the internet. Typically a TCP/IP connection between two nodes is established with a so-called three way handshake and is well understood, so it will not be repeated here in detail. However, by way of summary, in a first frame of a connection, the initiating node sends a SYN request to the target node. The target node responds in the second frame with a SYN-ACK to acknowledge the request of the client for synchronization. Then in the third frame, the initiating computer sends a response ACK. These three frames establish the connection. Thereafter data packets are exchanged and the session is terminated by the transmission of a FIN.
Every day nodes connected to the Internet throughout the internet are attacked and disabled through the use of the TCP/IP protocol by attackers utilizing what is known as a “Denial of Service” (DoS) or a “Distributed Denial of Service” (DDoS) attacks. These attacks share the following characteristics:                Massive amounts of network traffic sent from 1 or more IP addresses in a short period of time.        Multiple IP addresses around the world join in the attack        After a period the attacked network node (victim) can no longer cope with the large traffic volume and it fails or becomes disabled.        
Current attempts at solving the DoS/DDoS attack problem depend on simply blocking the attack traffic (not establishing a connection) as quickly as possible after the attack is recognized. This blocking is typically accomplished by the node under attack sending a network reset to each of the attacking nodes in the second frame, which consumes the target or victims network resources, thereby compounding the attack. In any event, when the victim is under attack from hundreds of thousands of attack IP address it is virtually impossible to defeat these attacks using a blocking methodology. Alternatives such as deflecting or re-directing the incoming packets to a so-called black hole usually fare no better because the attack node is free to continue its attack on the victim node. Thus there is a need to provide an effective counter-measure to these attacks.